eCh0raix Ransomware Targets Business Backup Systems
By: Jim Stickley and Tina Davis
November 6, 2019
Backing-up data in preparation for a cyberattack is always recommended, especially for organizations that need immediate access to its critical data to survive. In particular, system backups have been the answer to ransomware attacks that lock and encrypt data, demanding a ransom to restore the information to its rightful owners. However, there’s some ransomware out there that’s turning the backup concept on its head. It’s called eCh0raix or QNAPCrypt, and it’s targeting the QNAP NAS backup systems.
The eCh0raix ransomware looks for systems that are public-facing and poorly secured. There have been many recent tales of this being the case with Amazon Web Services, for example. Traits like weak logins are exploited to gain access to backup systems. Once that happens, the malware takes over and data is locked up and inaccessible. Businesses that relied on their data backups to counter ransomware are typically left with a Bitcoin ransom to restore its data, the very same situation it hoped to avoid.
Handling backup data properly is key to avoiding being victimized by ransomware. Since eCh0raix ransomware specifically looks for public-facing backup systems, storing data away from public internet exposure is a necessary first step...and completely inaccessible in any remote way is preferred. As this ransomware shows, weak password protection also provides easy access to backup data. Always require industrial-strength or encrypted passwords to prevent easy hacking.
Never underestimate the power of system security patches. Apply them as soon as they are available as they often have the latest fixes to security bugs. Regular data backups can supply up-to-date access to the latest data in case of a ransomware attack. However, it’s necessary to test those backups to ensure they function properly when needed.
The popularity of ransomware attacks against businesses is sharply on the rise. These attacks have grown by 97% in the last two years, generating over $25 million a year in ransoms annually. This year, an organization will succumb to a ransom attack every 14 seconds, with projected hits happening every 11 seconds by 2021. Considering 60% of small-to-medium-sized businesses (SMBs) are bankrupt within the first six months after a cyberattack, the cost of protecting data can have devastating consequences. In 2018 alone, almost 70% of SMBs report they were targeted by a cyberattack. Big or small, the threat landscape for a business is far from improving, making safe and effective backup systems more important than ever.
Remember, ransomware like eCh0raix is waiting to pounce on unprotected and inadequate system backups–don’t let your business be its next victim.